<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=gb2312">
<META content="MSHTML 6.00.3790.2817" name=GENERATOR>
<STYLE>
<!--
/* Font Definitions */
@font-face
{font-family:宋体;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:Verdana;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:"\@宋体";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
text-align:justify;
text-justify:inter-ideograph;
font-size:10.5pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:Verdana;
color:windowtext;
font-weight:normal;
font-style:normal;
text-decoration:none none;}
/* Page Definitions */
@page Section1
{size:595.3pt 841.9pt;
margin:72.0pt 90.0pt 72.0pt 90.0pt;
layout-grid:15.6pt;}
div.Section1
{page:Section1;}
-->
</STYLE>
</HEAD>
<BODY>
<DIV><FONT face=Verdana color=#0000ff size=2></FONT> </DIV>
<DIV><FONT face=Verdana size=2>Hi, Paul:</FONT></DIV>
<DIV><FONT face=Verdana size=2></FONT> </DIV>
<DIV><FONT face=Verdana size=2>Thank you for the advice.</FONT></DIV>
<DIV><FONT face=Verdana size=2>Now I use the
/etc/ipsec.d/examples/l2tp-cert.conf.</FONT></DIV>
<DIV><FONT face=Verdana size=2>I can see the ipsec connection is
up.</FONT></DIV>
<DIV><FONT face=Verdana size=2></FONT> </DIV>
<DIV><FONT face=Verdana size=2>The key point is:</FONT></DIV>
<DIV>leftprotoport=17/1701</DIV>
<DIV>rightprotoport=17/1701</DIV>
<DIV> </DIV>
<DIV>It seems not necessary for linux to linux.</DIV>
<DIV>but mandatory for l2tp.</DIV>
<DIV> </DIV>
<DIV>I am now moving to the </DIV>
<DIV>l2tpd which should be simialiar to ppp.</DIV>
<DIV>That should be easy.</DIV>
<DIV> </DIV>
<DIV><FONT face=Verdana size=2>George</FONT></DIV>
<DIV><FONT face=Verdana size=2><FONT face="Times New Roman"
size=3></FONT> </DIV>
<DIV>
<HR>
</DIV></FONT>
<DIV><FONT face=Verdana><FONT size=2><STRONG>发件人:</STRONG> Paul
Wouters</FONT></FONT></DIV>
<DIV><FONT face=Verdana><FONT size=2><STRONG>发送时间:</STRONG>
2007-02-05 00:00:18</FONT></FONT></DIV>
<DIV><FONT face=Verdana><FONT size=2><STRONG>收件人:</STRONG> George
Wu</FONT></FONT></DIV>
<DIV><FONT face=Verdana><FONT size=2><STRONG>抄送:</STRONG>
users</FONT></FONT></DIV>
<DIV><FONT face=Verdana><FONT size=2><STRONG>主题:</STRONG> Re: Re: [Openswan
Users] l2tp ike phase 2 quick mode message</FONT></FONT></DIV>
<DIV><FONT face=Verdana size=2></FONT> </DIV>
<DIV><FONT face=Verdana size=2>
<DIV>On Sun, 4 Feb 2007, George Wu
wrote:</DIV>
<DIV> </DIV>
<DIV>> Feb 4 10:22:02 localhost
pluto[4447]: packet from 192.168.1.128:500:
initial Ma</DIV>
<DIV>> in Mode message received on
192.168.1.131:500 but no connection has been
authori</DIV>
<DIV>> zed</DIV>
<DIV> </DIV>
<DIV>Your connections is wrong or did not
load properly.</DIV>
<DIV>Either you don't have auto=add, or your
connections fails at bootup, which
will</DIV>
<DIV>appear in the logs with a reason
for the failure.</DIV>
<DIV> </DIV>
<DIV>Paul</DIV>
<DIV>-- </DIV>
<DIV>Building and integrating Virtual Private
Networks with Openswan:</DIV>
<DIV><A
href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</A></DIV></FONT></DIV></BODY></HTML>